[arch-commits] Commit in hplip/trunk (2 files)
Andreas Radke
andyrtr at gemini.archlinux.org
Sat Mar 12 20:17:59 UTC 2022
Date: Saturday, March 12, 2022 @ 20:17:58
Author: andyrtr
Revision: 439478
upgpkg: hplip 1:3.22.2-2: fix possible stack buffer overflows - FS#48112
Added:
hplip/trunk/0024-fix-possible-stack-buffer.overflows.patch
Modified:
hplip/trunk/PKGBUILD
------------------------------------------------+
0024-fix-possible-stack-buffer.overflows.patch | 11 +++++++++++
PKGBUILD | 6 +++++-
2 files changed, 16 insertions(+), 1 deletion(-)
Added: 0024-fix-possible-stack-buffer.overflows.patch
===================================================================
--- 0024-fix-possible-stack-buffer.overflows.patch (rev 0)
+++ 0024-fix-possible-stack-buffer.overflows.patch 2022-03-12 20:17:58 UTC (rev 439478)
@@ -0,0 +1,11 @@
+--- hplip-3.22.2/scan/sane/bb_ledm.c 2022-02-23 08:41:05.000000000 +0100
++++ hplip-3.22.2/scan/sane/bb_ledm.c.new 2022-03-12 21:10:05.818054984 +0100
+@@ -1015,7 +1015,7 @@
+ c +=11;
+ char BinaryURL[30];
+ i = 0;
+- while(*c != '<')
++ while(*c != '<' && i < 29)
+ {
+ BinaryURL[i++] = *c ;
+ c++;
Modified: PKGBUILD
===================================================================
--- PKGBUILD 2022-03-12 17:47:44 UTC (rev 439477)
+++ PKGBUILD 2022-03-12 20:17:58 UTC (rev 439478)
@@ -5,7 +5,7 @@
pkgname=hplip
pkgver=3.22.2
-pkgrel=1
+pkgrel=2
epoch=1
pkgdesc="Drivers for HP DeskJet, OfficeJet, Photosmart, Business Inkjet and some LaserJet"
arch=('x86_64')
@@ -28,6 +28,7 @@
disable_upgrade.patch
0022-Add-include-cups-ppd.h-in-various-places-as-CUPS-2.2.patch
0023-Fix-handling-of-unicode-filenames-in-sixext.py.patch
+ 0024-fix-possible-stack-buffer.overflows.patch
# use the one from Fedora
hplip-configure-python.patch
python3.diff
@@ -37,6 +38,7 @@
'ee0bd240568a7dbb4dc6ef64dba28ea84c4bedf7d688d054960c686666f8f0bc4562961c40845107ef0c936e60d3e676bffb2a1ba708039690bb0520cda3a525'
'22aeb5b851f78bc6bc62e0bc3da99fecaf42d7604af41e2f3343f8d3666541f7b06b7d1a7d0ddf24f1731ac7b12dfe582375a98e3b94dfa323d6ce954549ca67'
'763949a0bc460dcc9faefc86f2a91cf342781bfce696ed0c3826758572dd03ac266bbeb7b6a4f9376ac298d7d3c9c4def42d94921a8e1d1695e39396e36d95ff'
+ '460f4447faf688981bafebda71b0f144e662368ad87e944cb01834750ae133b1aad2a1c50e6ee168adf972cfe04ca0857da6ff1124d176f93c342f2a1273b962'
'089c102357ea5fd55d81ae76aaff62713f780fd84500c3b92ecd6b2bb11ccdc3a162978548e9a5f9e98a8354a5be3997e416c52daa18eda4621ed79a29d6fea8'
'b8a4c860e90a52ec566ca5a9c7f3a5ecb7386ae76e17b2c6c878073e60eeaf0cb63883b740b4725794be9914e1ab8fc91313efb288395f3095f599c07f54cf14'
'7bad907228b7c2f3c43128f087a2f8e03778760b7a26179ff441c1f60127e2fca08c94dff76baea2469d3a253a8f46b285d0af0f62a6d8738926caf7a10f670b')
@@ -51,6 +53,8 @@
patch -Np1 -i "${srcdir}"/0022-Add-include-cups-ppd.h-in-various-places-as-CUPS-2.2.patch
# fix some handling unicode file names FS#58412
patch -Np1 -i "${srcdir}"/0023-Fix-handling-of-unicode-filenames-in-sixext.py.patch
+ # address possible stack buffer overflows - FS#48112 / https://bugs.launchpad.net/hplip/+bug/1544099
+ patch -Np1 -i "${srcdir}"/0024-fix-possible-stack-buffer.overflows.patch
# Workaround patch for missing Python3 transition of the old
# (pre-USB-storage) photo memory card support (pcardext) - Debian patch
patch -Np1 -i "${srcdir}"/python3.diff
More information about the arch-commits
mailing list